| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Jul 2007 15:38:46 +0200 From: Krzysztof Halasa <khc@...waw.pl> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Jeff Garzik <jeff@...zik.org>, Andrew Morton <akpm@...ux-foundation.org>, LKML <linux-kernel@...r.kernel.org>, ak@...e.de, adaplas@...il.com, linux-fbdev-devel@...ts.sourceforge.net, benh@...nel.crashing.org Subject: Re: [git patches] two warning fixes Linus Torvalds <torvalds@...ux-foundation.org> writes: > So let's make a new rule: > > We absolutely NEVER add things like "must_check" unless not checking > causes a real and obvious SECURITY ISSUE. Oh, come on, almost every kernel bug is a potential security issue. IMHO, if the function can only fail due to a kernel bug, it should return void and, in case of bug, explode with BUG_ON() or something like that. Sure, must_check doesn't apply too well to void. But, if I have functions which can fail for legitimate (not kernel bug) reasons, and I know ignoring their return values would always be a bug, then must_check seems an obvious best and simple defense against that. -- Krzysztof Halasa - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists